mirror of
https://github.com/external-secrets/external-secrets.git
synced 2024-12-14 11:57:59 +00:00
76cf8ad263
This removes the need for an intermediary Kind=ExternalSecret and Kind=Secret when using a generator. Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
33 lines
715 B
YAML
33 lines
715 B
YAML
{% raw %}
|
|
apiVersion: generators.external-secrets.io/v1alpha1
|
|
kind: Password
|
|
metadata:
|
|
name: strong-password
|
|
spec:
|
|
length: 128
|
|
digits: 5
|
|
symbols: 5
|
|
symbolCharacters: "-_$@"
|
|
noUpper: false
|
|
allowRepeat: true
|
|
---
|
|
apiVersion: external-secrets.io/v1alpha1
|
|
kind: PushSecret
|
|
metadata:
|
|
name: pushsecret-example
|
|
spec:
|
|
refreshInterval: 6h
|
|
secretStoreRefs:
|
|
- name: aws-parameter-store
|
|
kind: SecretStore
|
|
selector:
|
|
generatorRef:
|
|
apiVersion: generators.external-secrets.io/v1alpha1
|
|
kind: Password
|
|
name: strong-password
|
|
data:
|
|
- match:
|
|
secretKey: password # property in the generator output
|
|
remoteRef:
|
|
remoteKey: prod/myql/password
|
|
{% endraw %}
|